Blog

Is your data safe to go?

15th December 2016

Data breach incidents on the rise

In recent years there have been numerous high profile data breach incidents, the severity and financial implications of which have been well publicised. But despite this, the number of data breaches reported continues to increase every year.

According to the Data Breach Index, there has been a 125% increase in the number of compromised records in the first half of 2016, versus the same period of 2015. It is reported that a staggering 554,454,942 records were lost or stolen between January and June this year, equating to 35 records every second!

The true cost of a breach

And the cost of this growing number of breaches?

The short term costs are fairly obvious; fines, legal fees, communications and PR, crisis management, consultancy costs, loss of staff… but it’s the longer term expenses that pose the greatest threat, and are often overlooked amidst the initial post-breach panic.

Costs which impact on the longer-term health of an organisation can include; abnormal turnover of customers, increased customer acquisition costs, reputation loss and goodwill, notification to outside firms, increased security investments, higher incident/forensic/audit and compliance costs, class-action lawsuits and time lost/resources pulled from other projects.

The 2016 Cost of Data Breach Global Study* reports the average total cost of a data breach to be US$4 million, an increase of 23% compared to 2013. Per capita costs vary greatly (from US$61 to US$221) with the average cost being US$158 per lost/stolen record.

Costs set to increase with EU GDPR

The implementation of new European General Data Protection Regulations (EU GDPR) in May 2018 could see companies being fined up to 4% of their global annual turnover (or €20 million – whichever is greater) in the event of a data breach.

Globally organisations that handle data pertaining to EU citizens, are being encouraged to familiarise themselves with the new EU GDPR and take action now to ensure conformity, if they want to avoid crippling fines. Experts indicate it could easily take 12 months, if not longer, to implement a process to ensure GDPR compliance. Don’t go into another year without a solution in place or you may pay the price of a hefty fine.

Information Security Solutions Made Simple

The internet is awash with information and resources relating to the new EU GDPR.

To help organisations keep their business data safe and secure, and ensure they are prepared for the EU GDPR, Cardwave has created a useful guide containing checklists, staff information, security questionnaire and other resources. Download your free copy of our Information Security Solutions Made Simple guide now.

Can data encryption help?

Worryingly human error, including the loss or theft of an unencrypted data storage device (e.g. USB stick), still counts for 25% of breaches.

Globally over 20 million USBs are lost every year, with the ICO (Information Commissioners Office) reporting a 20% increase in incidents involving unencrypted devices in Q1 2016/17 (vs Q4 2015/16).

It is reported that the extensive use of encryption can reduce breach costs by US$13 per record.

Encryption is the process of changing or transforming your files according to a set of rules and algorithms, into a format that others cannot read.

A simple, yet effective way to protect sensitive data whilst in transit is to invest in encrypted USBs (such as SafeToGo™) for staff.

Benefits of SafeToGo™ include:

Mandatory password protection

Automatic hardware encryption

User-friendly set up

Timer lockdown

Hardware brute-force protection

Authorised auto-run

Fast start-up

Total reset

Compact design

Zero failure

Rugged construction

SafeConsole™ compatibility – manage all your SafeToGo™ devices centrally to help with compliance, no matter where they go. SafeConsole™ gives organisations further capabilities such as remote killing of USBs, geolocation and geofencing.

If a USB is lost or stolen and the data on it is encrypted, the incident would be classed as a security breach, rather than a data breach, and may not have to be reported!

Raspberry Pi

Cardwave are delighted to be recognised by the Raspberry Pi Foundation for being a valued partner and supplier. We have enjoyed a close business relationship with the foundation since the massively successful launch of the Raspberry Pi in early 2012. Cardwave works with memory distributor, Xel Electronics, who supply Samsung SD cards to Premier Farnell and RS Components, two of the companies authorised by the charity to supply the Raspberry Pi. We are pleased to work with the foundation again on this superb SD card offering. Visit website